1
00:00:01,510 --> 00:00:08,140
All right, so let's illustrate the steps that take place when a client connects to an access point

2
00:00:08,920 --> 00:00:12,660
and then we can visualize how the data transmission works.

3
00:00:14,410 --> 00:00:23,230
So STA is a station, a client that wants to connect to an access point; AP represents that access

4
00:00:23,230 --> 00:00:23,650
point.

5
00:00:25,010 --> 00:00:32,240
Now, we can separate this process into three main parts, right: probe, authentication and association.

6
00:00:33,980 --> 00:00:35,750
So in the probe process,

7
00:00:36,740 --> 00:00:41,000
the STA first sends a probe on all channels to find the AP.

8
00:00:42,530 --> 00:00:46,130
And then the APs in range answer the probe request.

9
00:00:48,050 --> 00:00:54,480
Of course, this is the very first step of connection, so in this phase, the driver of the client searches

10
00:00:54,480 --> 00:00:55,170
for an AP.

11
00:00:56,440 --> 00:00:59,050
Then in the authentication process,

12
00:01:00,070 --> 00:01:07,240
the STA sends an authentication request to the AP, by default to the one with the best signal.

13
00:01:08,530 --> 00:01:12,040
And then it also checks the compatibility of the encryption type.

14
00:01:13,400 --> 00:01:19,680
Then once compatible networks are discovered, the station will attempt authentication with compatible

15
00:01:19,680 --> 00:01:20,520
access points.

16
00:01:22,350 --> 00:01:27,720
And then the access point will receive the authentication frame and then it responds to the station

17
00:01:27,720 --> 00:01:32,700
with the authentication frame set to open, indicating a sequence.

18
00:01:34,290 --> 00:01:41,010
If an access point receives any frame other than an authentication or a probe request from a station

19
00:01:41,010 --> 00:01:45,780
that is not authenticated, it will respond with a deauthentication frame.

20
00:01:48,670 --> 00:01:56,380
And finally, in the association process, once the station determines which access point it would be

21
00:01:56,380 --> 00:02:02,800
most likely to associate with, it will then send an association request to that access point.

22
00:02:05,320 --> 00:02:10,870
And then if the elements of the association request match the capabilities of the access point, it

23
00:02:10,870 --> 00:02:18,160
will create an association ID for the station and then respond with an association response with a

24
00:02:18,160 --> 00:02:22,990
success message granting network access to that mobile station.

25
00:02:24,050 --> 00:02:28,490
Now, the STA or station can communicate with a network.

26
00:02:30,480 --> 00:02:36,900
So after all of this process is finally completed, data can then be exchanged on the network.

27
00:02:37,710 --> 00:02:44,550
Now, please note that there is another phase for encrypted networks: there's a key exchange and

28
00:02:44,550 --> 00:02:49,860
verification that will happen just after association before you're able to use the network.

29
00:02:52,580 --> 00:02:56,120
All right, so now let's have a look at the authentication methods.

30
00:02:58,090 --> 00:03:05,140
Now, there are two types of authentication: the shared authentication, and it's only used with WEP,

31
00:03:05,140 --> 00:03:07,210
and open authentication.

32
00:03:08,300 --> 00:03:15,800
So the steps that take place during an open authentication are basically: the wireless client sends an authentication

33
00:03:15,800 --> 00:03:17,180
request to the access point.

34
00:03:18,380 --> 00:03:25,130
The access point then sends an authentication response and the authentication process is completed successfully.

35
00:03:28,110 --> 00:03:37,020
Shared key authentication is another method of authenticating with WEP-enabled networks, so the

36
00:03:37,020 --> 00:03:40,200
station sends an authentication request to the access point.

37
00:03:40,530 --> 00:03:44,820
The access point sends a challenge text to the station.

38
00:03:45,550 --> 00:03:52,440
The station then uses its default key to encrypt the challenge text and sends it back to the AP.

39
00:03:53,630 --> 00:04:01,190
The AP then decrypts the encrypted text with the WEP key that corresponds to the station's default key

40
00:04:02,000 --> 00:04:06,910
and then compares the result with the original challenge text. If there's a match,

41
00:04:07,930 --> 00:04:13,840
of course, that means they share the same key and the AP authenticates the station. If there's no

42
00:04:13,840 --> 00:04:17,380
match, the AP refuses to authenticate the station.

43
00:04:19,890 --> 00:04:23,400
So let's have a look at the association process in Wireshark.

44
00:04:25,030 --> 00:04:31,540
So I captured the packets of association processes that took place between a phone and my access point.

45
00:04:32,750 --> 00:04:39,110
So first, I filtered the results by applying the MAC address of the phone as the source address.

46
00:04:40,710 --> 00:04:49,110
Then the process takes place here, so probe request, authentication and association packets, respectively.

47
00:04:50,760 --> 00:04:57,180
Then when we add a filter by applying the access point as the destination, we can see the response packets

48
00:04:57,180 --> 00:05:01,290
sent by the access point for the association process.